AkiraBot: AI-Powered Spam Campaign Targets 420,000 Websites Using OpenAI's GPT-4o-mini

OpenAI's GPT-4o-Mini Helps Flood 80,000 Websites With Spam

An AI spambot used OpenAI's GPT-4o-mini to flood tens of thousands of websites with spam comments. AkiraBot, according to cybersecurity firm SentinelOne, successfully targeted at least 80,000 websites, mainly operated by small to medium-sized businesses using e-commerce platforms like Shopify, GoDaddy, Wix.com, and Squarespace. The tool would prompt OpenAI's model, "You are a helpful assistant that generates marketing messages." It would then instruct the Large Language Model (LLM) to tailor the spam messages based on the target website. For example, a construction firm would get a different message than a hair salon, reflecting their specific type of business. Because the spam content was different each time a message was generated, the tool was able to bypass many common spam filters. AkiraBot then posted these AI-generated spam messages on website contact forms, in an attempt to get the site owner to purchase SEO services. Later versions of the AI-spambot also targeted the Live Chat widgets integrated into many modern websites. Based on searching websites for links to AkiraBot domains, researchers demonstrated that the bot was able to spam websites in a way that led to the message later being indexed by search engines. SentinelOne says the bot appears to have operated from September 2024 onwards, and it has no relation to the prolific Akira ransomware group. But AkiraBot was a complex operation. It leaned on a variety of tools beyond OpenAI's GPT-4o-mini. SentinelOne explained how the bot's creator "invested significant effort into evading CAPTCHA filters" and used a proxy service to avoid network detection. OpenAI responded to the report, saying it was "grateful" for the research and that "the API key involved is disabled, and we're continuing to investigate and will disable any associated assets." It added: "We take misuse seriously and are continually improving our systems to detect abuse." There have been plenty of instances where OpenAI tools were used for nefarious purposes, such as the production of online propaganda materials by foreign governments. But oftentimes, cybercriminals lean on custom-built AIs designed specifically for crime. For example, WormGPT, spotted in mid-2023, helped criminals automate fraud by responding to victims' queries while pretending to be a bank.

AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections

Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO. "AkiraBot has targeted more than 400,000 websites and successfully spammed at least 80,000 websites since September 2024," SentinelOne researchers Alex Delamotte and Jim Walter said in a report shared with The Hacker News. "The bot uses OpenAI to generate custom outreach messages based on the purpose of the website." Targets of the activity include contact forms and chat widgets present in small to medium-sized business websites, with the framework sharing spam content generated using OpenAI's large language models (LLMs). What makes the "sprawling" Python-based tool stand apart is its ability to craft content such that it can bypass spam filters. It's believed that the bulk messaging tool has been put to use since at least September 2024, starting off under the name "Shopbot" in what appears to be a reference to websites using Shopify. Over time, AkiraBot has expanded its targeting footprint to include sites developed using GoDaddy, Wix, and Squarespace, as well as those that have generic contact forms and live chat widgets built using Reamaze. The crux of the operation - which is to generate the spam content - is facilitated by leveraging the OpenAI API. The tool also offers a graphical user interface (GUI) to choose the list of websites to be targeted and customize how many of them can be targeted in a concurrent fashion. "AkiraBot creates custom spam messages for targeted websites by processing a template that contains a generic outline of the type of message the bot should send," the researchers said. "The template is processed by a prompt sent to the OpenAI chat API to generate a customized outreach message based on the contents of the website." An analysis of the source code reveals that the OpenAI client uses the gpt-4o-mini model and is assigned the role of a "helpful assistant that generates marketing messages." Another notable aspect of the service is that it can get around CAPTCHA barriers to spam websites at scale and evades network-based detections by relying on a proxy service that's typically offered to advertisers. The targeted CAPTCHA services consist of hCAPTCHA, reCAPTCHA, and Cloudflare Turnstile. To accomplish this, the bot's web traffic is designed to mimic a legitimate end user and makes use of different proxy hosts from SmartProxy to obscure the source of the traffic. AkiraBot is also configured to log its activities in a file named "submissions.csv" that records both successful and failed spam attempts. An examination of these files has revealed that more than 420,000 unique domains have been targeted to date. Furthermore, success metrics related to CAPTCHA bypass and proxy rotation are collected and posted to a Telegram channel via API. In response to the findings, OpenAI has disabled the API key and other associated assets used by the threat actors. "The author or authors have invested significant effort in this bot's ability to bypass commonly used CAPTCHA technologies, which demonstrates that the operators are motivated to violate service provider protections," the researchers said. "AkiraBot's use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks." The development coincides with the emergence of a cybercrime tool referred to as Xanthorox AI that's marketed as an all-in-one chatbot to handle code generation, malware development, vulnerability exploitation, and data analysis. The platform also supports voice-based interaction via real-time voice calls and asynchronous voice messaging. "Xanthorox AI is powered by five distinct models, each optimized for different operational tasks," SlashNext said. "These models run entirely on local servers controlled by the seller, rather than being deployed over public cloud infrastructure or through exposed APIs. This local-first approach drastically reduces the chances of detection, shutdown, or traceability."

Scammers Used OpenAI to Flood the Web with SEO Spam

A new report from SentinelOne exposed the inner workings of AkiraBot, a program that bypassed CAPTCHAs and used AI-generated messages to target 420,000 websites. AkiraBot is a program that fills website comments sections and customer service chat bots with AI-generated spam messages. Its goal is simple: it wants you to sign up for an SEO scheme that costs about $30 a month. For that low price it swears it can enchant Google's algorithms to get you on the frontpage. But it's a scam. A new report from researchers at cybersecurity firm SentinelOne documented how scammers deployed AkiraBot, the tool's use of OpenAI generated messages, and how it avoided multiple CAPTCHA systems and network detection techniques. According to the report, the bot targeted 420,000 unique domains and successfully spammed 80,000. Whoever runs AkirBot operates their SEO company under a bunch of different names, but they all tend to use the words "Akira" or "ServiceWrap." SentinelOne says the tool finds websites crafted by third party software like Wix or Squarespace and spams comments sections and automated chatbots with a promise to get the site on the frontpage of various search engines. If you have a small business that exists on the web or have run a WordPress-based website in the last 15 years, you've likely seen messages like those AkiraBot crafts. "My name is Megan, from The Akira Team -- I just noticed your website through your Entireweb Website Listing, and wanted to get in touch with you right away," a typical message reads, left in the comments of a candle company shop. "We have a special offer for your website today, and that is 1st Page Rankings in all major search engines (That's Google, Yahoo and Bing) + social media and video commercial advertising starting at just $29.99 which I am ABSOLUTELY certain will benefit your website and business, by bringing you LOTS of new customers, very very quickly." The oldest domain associated with the bot was registered in 2022 and SentinelOne says it was able to track its progression as it moved from attacking Shopify sites and evolved to take on those created with GoDaddy, Wix, and Squarespace. According to the researchers, AkiraBot used an OpenAI chat API to craft custom messages using gpt-4o-mini. It prompted GPT to give it messages after prompting it to be a "helpful assistant that generates marketing messages." All the messages were similar, but just different enough to fool traditional spam filters. OpenAI did not respond to 404 Media's request for comment, but SentinelOne thanked it in the conclusion of its report and printed a statement from the company. "We're grateful to SentinelOne for sharing their research," OpenAI told SentinelOne. "Distributing output from our services for spam is against our policies. The API key involved is disabled, and we're continuing to investigate and will disable any associated assets. We take misuse seriously and are continually improving our systems to detect abuse." The bot also evaded CAPTCHA, according to the researchers "We identified an archive with files for CAPTCHA-related servers and browser fingerprints, which allow the bot's web traffic to mimic a legitimate end user. The archives contain a fingerprint server that runs on the same system as the other AkiraBot tools and intercepts the website loading processes using Selenium WebDriver, an automation framework that simulates user browsing activity," the report said. SentinelOne also detailed how the bot used proxy hosts to avoid network detection. "In each archive SentinelOne analyzed, AkiraBot used the SmartProxy service. SmartProxy's website claims that its proxies are ethically sourced and that they provide data center, mobile, and residential proxies," the report said. "Each version of the bot uses the same proxy credentials, suggesting the same actor is behind each iteration." One recent variant of the bot -- Useakira -- is still up and has customer reviews on Trustpilot. They're all either five stars or one star. "Just got spammed on my wix chat too! Thanks for the reviews on here for saving me some time in confirming it's spam!" One user said. "No idea who this company are until today when I suddenly start getting emails. They've scraped my data from my website and are using it to try to sell me website advertising," said another included in the report. "Received 5 emails Useakira in one day though our websites contact us form, Trying to push their service, Spam company will not be engaging with them," said a third. There are also a lot of five star reviews for the service, but SentineLABS noted they follow a pattern. Five star reviewers tend to have one previous review made a few days before the Akira or ServiceWrap review and the messages often sound the same. "We believe the actor may be generating some fake reviews, though it is difficult to say with certainty," the report said. Although OpenAI did shut down the bad actor's API key, that the bot exists at all and was successful tens of thousands of times points to a grim future. AI slop is a brute force attack on algorithms that's filling all our feeds with machine-generated poison. Now crooks have used a similar method to run an SEO scam. It worked, for a while. Whoever built it will probably come back with something else. "We expect this campaign to continue to evolve as website hosting providers adapt defenses to deter spam," SentinelOne said in its report. On Wednesday President Trump signed an executive order which told respective agencies to revoke any security clearance held by Chris Krebs, SentinelOne's Chief Intelligence and Public Policy Officer, and others at the company. While he was the head of a part of DHS focused on cybersecurity, Krebs said that Biden won the 2020 election, going against Trump's false claims the election was stolen. "We are a cybersecurity company - our mission is to defend customers, enterprises, and governments against cyber threats by leveraging the most advanced Artificial Intelligence. We view the White House as a crucial collaborator on that mission, and we will continue to support a strong America at a time of heightened geopolitical threats," SentinelOne said in a statement. "We will actively cooperate in any review of security clearances held by any of our personnel - currently less than 10 employees overall and only where required by existing government processes and procedures to secure government systems. Accordingly, we do not expect this to materially impact our business in any way."

AkiraBot network hits thousands of sites with CAPTCHA bypassing AI spam

It can bypass CAPTCHA filters and generates spam using OpenAI API A major spam campaign leveraging ChatGPT targeted more than 400,000 websites and successfully spammed 80,000, even working around CAPTCHA filters to advertise shady services. This is according to cybersecurity researchers SentinelOne, who discovered the campaign and recently wrote an in-depth report about it. As per the report, at the center of the campaign is a platform called AkiraBot that targets website chats, comment sections, and contact forms. It is not related to the ransomware operation of the same name. It is a Python-based framework which uses an OpenAI API to create spam contents related to the general purpose of the website being targeted. The goal of the campaign is to advertise two dubious search engine optimization (SEO) services, called Akira and ServicewrapGO. What makes this spam campaign stand out is the way it works around CAPTCHA spam filters. "The bot creator has invested significant effort into evading CAPTCHA filters as well as avoiding network detections by relying on a proxy service generally marketed towards advertisers-though the service has had considerable interest and use by cybercriminal actors," the researchers said in their report. To bypass CAPTCHA, the bot uses fake web browsers that mimic a real person's browser behavior. It does this using a tool called Selenium, which is capable of opening websites and clicking around. Since websites can usually spot fake browsers (by hunting for clues such as missing fonts, mismatched browser info, etc.), the bot injects special code (inject.js) into the website as it loads. This code tweaks how the fake browser looks, making it seem more human. If this browser trick still doesn't fool the CAPTCHA, the bot then uses external CAPTCHA-solving services (like Capsolver) to crack it. It even targets chat systems on websites (like Reamaze) to refresh tokens and keep spamming undetected. SentinelOne believes AkiraBot has been in use since at least September 2024, targeting GoDaddy, Wix, Squarespace, and other websites. According to The Hacker News, OpenAI has disabled the API key and other associated assets the threat actors used, to tackle the threat. "The author or authors have invested significant effort in this bot's ability to bypass commonly used CAPTCHA technologies, which demonstrates that the operators are motivated to violate service provider protections," the researchers said. "AkiraBot's use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks."

OpenAI Is Taking Spammers' Money to Pollute the Internet at Unprecedented Scale

Sam Altman's grand vision of democratizing artificial intelligence seems, per a new study, to include an ugly asterisk: it's monetized, at least in part, by spambots filling the web with AI-generated garbage. According to the cybersecurity firm SentinelOne, search engine optimization (SEO) scammers operated undetected for months using what company's experts are calling "AkiraBot," a "modular and sophisticated" tool that was able to bypass CAPTCHAs and other spam detection filters with ease. As SentinelOne explained, the bot was named not for any affiliation with the ransomware group Akira, but because that name, which means "bright" in Japanese, is used in a lot of the creators' affiliated domains. AkiraBot's bottom line seems to be directing traffic to its dubious SEO scheme -- and with GPT-4o-mini, that process seems to have been automated at scale. Having attempted to spam roughly 420,000 sites and successfully getting its trash through to some 80,000, the humans behind AkiraBot were almost certainly paying for access to OpenAI's API -- and we've reached out to the Altman-run company to confirm. The bot's chief targets, per SentinelOne's investigation, were small and medium-sized businesses -- and specifically, the contact forms and chat widgets on those companies' websites. Using GPT-4o-mini to craft templates based on whichever type of contact module was at play, the spammers customized unique messages for each website in ways that got around spam filters at least part of the time. Starting with instructions that tell OpenAI's most cost-efficient advanced model to act like a "helpful assistant that generates marketing messages," the bots' creators operated for months before SentinelOne got wise to its spam scam. In one example of an AkiraBot message from a targeted candle company's comments section, a phony customer service rep named "Megan" shilled SEO services that were, per angry reviews left on the "Akira" trustpilot page, nonexistent. "My name is Megan, from The Akira Team -- I just noticed your website through your Entireweb Website Listing, and wanted to get in touch with you right away," the spam message reads. "We have a special offer for your website today, and that is 1st Page Rankings in all major search engines (That's Google, Yahoo and Bing) + social media and video commercial advertising starting at just $29.99 which I am ABSOLUTELY certain will benefit your website and business, by bringing you LOTS of new customers, very very quickly." Upon discovering and analyzing these bots and their output, SentinelOne's researchers alerted OpenAI -- and to the company's credit, it immediately investigated and ultimately disabled the creators' account. Still, it managed to run in earnest between September 2024 and February 2025, when AkiraBot got caught -- and there's no way to know how long its creators, who weren't named, paid OpenAI for access to its API. More on AI scams: An AI Slop "Science" Site Has Been Beating Real Publications in Google Results by Publishing Fake Images of SpaceX Rockets

SentinelLabs exposes AkiraBot spam tool powered by OpenAI-generated messages - SiliconANGLE

SentinelLabs exposes AkiraBot spam tool powered by OpenAI-generated messages A new report out today from SentinelLabs, the research arm of cybersecurity company SentinelOne Inc., details a recently discovered artificial intelligence-powered spam tool that automates large-scale abuse of website contact forms and chat widgets by bypassing CAPTCHA protections. First observed in late 2024, "AkiraBot" has successfully targeted at least 80,000 of over 400,000 websites scanned, primarily those operated by small to medium-sized businesses on platforms like Shopify Inc., GoDaddy Inc., Wix.com Ltd. and Squarespace Inc. Spam bots aren't new, but where AkiraBot gets interesting is that it uses OpenAI's language models to generate customized messages for each website it targets. The bot differs from previous bots that rely on generic or repetitive spam content by instead scanning the structure and content of each site before crafting messages that appear contextually relevant. The approach makes the spam more convincing and significantly harder for traditional filtering systems to detect. Along with using OpenAI to generate text, AkiraBot was found by SentinelLabs to employ a variety of sophisticated CAPTCHA bypass mechanisms, including visual CAPTCHA solvers and automated response systems that can adapt to different CAPTCHA styles across various platforms. The ability to deal with CAPTCHA allows AkiraBot to interact with forms and chat interfaces much like a human would, further enhancing its ability to evade detection. AkiraBot's developers were also found to have implemented network evasion techniques in the bot, such as rotating proxy services, custom headers and randomized payloads to mask the origin of the traffic and avoid triggering security alarms. The functionality allows the bot to distribute its spam campaigns across a wide range of targets without being blocked at the network level. Currently, the bot is being used to promote dubious Search Engine Optimization services, which use domains with "Akira" as the SEO service brand. However, the SentinelLabs researchers note that the modular framework could be easily repurposed for more harmful campaigns. Potential future uses include phishing attacks, malware distribution, or even social engineering campaigns aimed at compromising sensitive data. "AkiraBot is a sprawling framework that has undergone multiple iterations to integrate new spamming target technologies and evade website defenses," said the researchers in the report. "We expect this campaign to continue to evolve as website hosting providers adapt defenses to deter spam." "AkiraBot's use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks," added the researchers.